All firewall has been desactivated. Succesful tests performed with ldapsearch
$debug=true doesn't give more details my first try is without Samba I'm stuck!! -------------------------------- On Sep 24, 2012, at 2:58 PM, Clément OUDOT wrote: > 2012/9/24 Alban >> I'm in trouble with a very basic unsecured lab to evaluate SSP >> >> My lab config >> a single host CentOS 6.3 with IP 10.11.12.124 >> LDAP server: OpenDj 2.5 listening on port 51389 with no startTLS but with >> LDAP V3 only (tested successfully with ldapsearch) >> SSP server: Apache 2.2.15 on port 80 on the same OpenDJ host >> >> >> My config.inc.php contains >> $ldap_url = "ldap://10.11.12.124:51389";; >> $ldap_binddn = "cn=dirman"; >> $ldap_bindpw = "Password123"; >> #$ldap_binddn = ""; >> #$ldap_bindpw = ""; >> $ldap_base = "ou=people,dc=test,dc=lab"; >> $ldap_filter = "(&(objectClass=inetorgperson)(uid={login}))"; >> >> $who_change_password = "user"; >> >> >> ssp_error_log >> [Mon Sep 24 11:33:06 2012] [error] [client 10.11.12.125] LDAP - Bind error >> -1 (Can't contact LDAP server), referer: http://10.11.12.124/ >> >> >> no traces of connection on OpenDJ access log >> >> any idea to fix that issue? >> >> >> I suspect an issue on PHP LDAP side, but phpinfo looks good >> >> PHP Version 5.3.3 >> >> Configure Command >> ./configure' '--build=x86_64-redhat-linux-gnu' >> '--host=x86_64-redhat-linux-gnu' '--target=x86_64-redhat-linux-gnu' >> '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' >> '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' >> '--includedir=/usr/include' '--libdir=/usr/lib64' >> '--libexecdir=/usr/libexec' '--localstatedir=/var' >> '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' >> '--infodir=/usr/share/info' '--cache-file=../config.cache' >> '--with-libdir=lib64' '--with-config-file-path=/etc' >> '--with-config-file-scan-dir=/etc/php.d' '--disable-debug' '--with-pic' >> '--disable-rpath' '--without-pear' '--with-bz2' '--with-exec-dir=/usr/bin' >> '--with-freetype-dir=/usr' '--with-png-dir=/usr' '--with-xpm-dir=/usr' >> '--enable-gd-native-ttf' '--without-gdbm' '--with-gettext' '--with-gmp' >> '--with-iconv' '--with-jpeg-dir=/usr' '--with-openssl' >> '--with-pcre-regex=/usr' '--with-zlib' '--with-layout=GNU' '--enable-exif' >> '--enable-ftp' '--enable-magic-quotes' '--enable-sockets' '--enable-sysvsem' >> '--enable-sysvshm' '--enable-sysvmsg' '--with-kerberos' >> '--enable-ucd-snmp-hack' '--enable-shmop' '--enable-calendar' >> '--without-sqlite' '--with-libxml-dir=/usr' '--enable-xml' >> '--with-system-tzdata' '--with-apxs2=/usr/sbin/apxs' '--without-mysql' >> '--without-gd' '--disable-dom' '--disable-dba' '--without-unixODBC' >> '--disable-pdo' '--disable-xmlreader' '--disable-xmlwriter' >> '--without-sqlite3' '--disable-phar' '--disable-fileinfo' '--disable-json' >> '--without-pspell' '--disable-wddx' '--without-curl' '--disable-posix' >> '--disable-sysvmsg' '--disable-sysvshm' '--disable-sysvsem' >> >> Additional .ini files parsed >> /etc/php.d/curl.ini, /etc/php.d/dom.ini, /etc/php.d/fileinfo.ini, >> /etc/php.d/gd.ini, /etc/php.d/json.ini, /etc/php.d/ldap.ini, >> /etc/php.d/mcrypt.ini, /etc/php.d/pdo.ini, /etc/php.d/pdo_sqlite.ini, >> /etc/php.d/phar.ini, /etc/php.d/sqlite3.ini, /etc/php.d/wddx.ini, >> /etc/php.d/xmlreader.ini, /etc/php.d/xmlwriter.ini, /etc/php.d/xsl.ini, >> /etc/php.d/zip.ini >> >> Apache Apache/2.2.15 (CentOS) loaded modules >> core prefork http_core mod_so mod_auth_basic mod_auth_digest mod_authn_file >> mod_authn_alias mod_authn_anon mod_authn_dbm mod_authn_default >> mod_authz_host mod_authz_user mod_authz_owner mod_authz_groupfile >> mod_authz_dbm mod_authz_default util_ldap mod_authnz_ldap mod_include >> mod_log_config mod_logio mod_env mod_ext_filter mod_mime_magic mod_expires >> mod_deflate mod_headers mod_usertrack mod_setenvif mod_mime mod_dav >> mod_status mod_autoindex mod_info mod_dav_fs mod_vhost_alias mod_negotiation >> mod_dir mod_actions mod_speling mod_userdir mod_alias mod_substitute >> mod_rewrite mod_proxy mod_proxy_balancer mod_proxy_ftp mod_proxy_http >> mod_proxy_ajp mod_proxy_connect mod_cache mod_suexec mod_disk_cache mod_cgi >> mod_version mod_perl mod_php5 mod_ssl mod_wsgi >> >> >> ldap >> LDAP Support enabled >> RCS Version $Id: ldap.c 299434 2010-05-17 20:09:42Z pajoye $ >> Total Links 0/unlimited >> API Version 3001 >> Vendor Name OpenLDAP >> Vendor Version 20423 >> SASL Support Enabled >> >> Directive Local Value Master Value >> ldap.max_links Unlimited Unlimited > > Hi, > > your SSP configuration seems ok. The error message says that the LDAP > server cannot be joined, are you really sure you do not have any > firewall rule blocking the TCP connection between your PHP server and > your LDAP server? > > You can try to activate the debug mode in SSP ($debug = true), you > will maybe get more details on the problem. > >> Additional question: what are the requirements/dependencies to install/check >> all SPP requirements? > > Some checks are already done in index.php. We have some dependencies > on mb_string, mhash, mcrypt. To use the Samba mode for example in > CentOS 6, you will face this bug: > http://tools.ltb-project.org/issues/359 > > Clément.
_______________________________________________ ltb-users mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-users
